Skip to main content
rulesSource-backedReview first Safety Privacy

AI-Generated Prototype Pollution Review Rules

Source-backed rules for reviewing AI-generated JavaScript/TypeScript code before merge for prototype pollution risk, covering unsafe recursive merge/clone/assign helpers on untrusted input, proto and constructor-prototype key handling, and safer alternatives like Map, Set, and Object.create(null).

by lourincedaging0-commits·added 2026-07-15·
HarnessClaude Code
Review first review before installing

Open the source and read safety notes before installing.

Citation facts

Source-backed facts for citing this resource, derived directly from the registry — also available as plain text for AI assistants.

Source URLs
https://cheatsheetseries.owasp.org/cheatsheets/Prototype_Pollution_Prevention_Cheat_Sheet.html, https://github.com/JSONbored/awesome-claude/blob/main/content/rules/ai-generated-prototype-pollution-review-rules.mdx
Safety notes
Prototype pollution lets an attacker add or overwrite properties on Object.prototype (or another shared built-in prototype), which can silently change behavior across the entire application — from denial-of-service and logic bypasses to, in some frameworks/environments, remote code execution., AI assistants often write a straightforward recursive merge/deep-clone/deep-set helper (a natural, short implementation for combining config objects or request bodies) without excluding __proto__/constructor/prototype keys, because the happy-path test data never includes those key names., This is a real, repeatedly-exploited class in widely-used JavaScript libraries, not a theoretical concern — for example CVE-2019-10744 in lodash's defaultsDeep allowed Object.prototype pollution via a crafted {constructor: {prototype: {...}}} input.
Privacy notes
Prototype pollution proof-of-concept payloads can trigger unexpected application-wide behavior in a shared environment; test in an isolated sandbox, not a shared staging or production system., Do not commit a working exploit payload targeting a specific internal endpoint into a public PR or issue; describe the vulnerable merge pattern and the class of key involved instead.
Author
lourincedaging0-commits
Submitted by
lourincedaging0-commits
Claim status
unclaimed
Last verified
2026-07-15

Decision playbook

Review trust signals before you adopt

Signals are present but mixed. Use the checklist below to confirm the source and operational safety for your environment.

Compare context
Selected

0

Current score

78

Baseline

Delta

No baseline selected

No major trust-signal divergence detected in the current selection.

Source and provenance checks

Complete

Confirm ownership and provenance before trusting install instructions.

  • Source link availableRequired

    Open the canonical repository and verify ownership.

    Done
  • Source provenance statusRequired

    Marked as source-backed.

    Done
  • Metadata reviewed

    Registry metadata indicates a reviewed listing.

    Done

Safety and privacy checks

Complete

Validate risk disclosures before installation or API wiring.

  • Safety notes presentRequired

    Review the listed safety guidance before running commands.

    Done
  • Privacy notes presentRequired

    Review data handling notes before connecting accounts or secrets.

    Done
  • Trust level risk gateRequired

    Trust level does not block evaluation.

    Done

Package and install checks

Needs review

Check package metadata and artifact integrity signals.

  • Install payload available

    Install or copy payload is available for review.

    Done
  • Package verification flag

    No package verification flag provided.

    Pending
  • Checksum metadata

    No checksum provided for downloaded artifact.

    Pending

Compare-driven decision checks

Needs review

Use compare context to validate trade-offs before adoption.

  • Compare tray has multiple entries

    Add at least one more entry to compare trust differences.

    Pending
  • Baseline comparison available

    No baseline peer selected yet.

    Pending
  • Diverging trust signals identified

    No major trust-signal divergence found.

    Pending

Setup at a glance

Copy & paste

Copy-ready — paste the snippet to get started.

10 minutes

Install command

Not provided

Config snippet

Not provided

Copy snippet

Provided

Prerequisites

4 to clear

Platforms

1 listed

Install type

Copy & paste

Adoption plan

Balanced adoption plan

Current risk score 16/100. Use staged verification before broader rollout.

Risk 16

Pre-adoption checks

Validate source and review signals before any execution.

  • Confirm source provenanceRequired

    Source URL/provenance metadata is present.

    Done
  • Confirm metadata review state

    Listing has review metadata.

    Done
  • Verify install payload

    Install/config payload exists and can be inspected.

    Done

Security checks

Confirm safety, privacy, and package integrity signals.

  • Review safety notesRequired

    Safety notes are present.

    Done
  • Review privacy notesRequired

    Privacy notes are present.

    Done
  • Verify package integrity metadata

    No package verification/checksum metadata.

    Pending

Rollout

Adopt in controlled steps based on the selected plan.

  • Run in isolated sandbox firstRequired

    Use a constrained sandbox and observe behavior across multiple tasks.

    Pending
  • Roll out graduallyRequired

    Roll out to a small cohort before wider usage.

    Pending
  • Set monitoring and fallback

    Define rollback path and monitor errors after adoption.

    Pending

Evidence readiness

Evidence readiness matrix · balanced

Required evidence gates are covered (5/6 signals complete).

Risk 15

Source provenance

Present

Source repository/provenance is listed.

Required in this preset

Metadata review

Present

Review metadata is present.

Required in this preset

Safety notes

Present

Safety notes are present.

Required in this preset

Privacy notes

Present

Privacy notes are present.

Optional in this preset

Package integrity

Missing

Package integrity metadata is missing.

Optional in this preset

Install payload

Present

Install payload is available.

Required in this preset

Required evidence gates are covered for this preset.

Decision timeline

Decision timeline · balanced

5/6 steps complete with no blocking gaps for this preset.

Risk 14

triage

Confirm source provenanceRequired

Source/provenance metadata is available.

Done

triage

Check metadata review statusRequired

Review metadata is available.

Done

verify

Review safety notesRequired

Safety notes are available.

Done

verify

Review privacy notes

Privacy notes are available.

Done

verify

Validate package integrity metadata

Package integrity metadata is missing.

Pending

rollout

Verify install payload and commandsRequired

Install payload is available.

Done

No required blockers for this timeline preset.

Prerequisite readiness

Prerequisite readiness

4 prerequisites to line up before setup.

0/4 ready
Configuration1Permissions & scopes1General210 minutes

Safety & privacy surface

Safety & privacy surface

3 safety and 2 privacy notes across 3 risk areas. Review closely: network access.

3 areas
  • SafetyNetwork accessPrototype pollution lets an attacker add or overwrite properties on Object.prototype (or another shared built-in prototype), which can silently change behavior across the entire application — from denial-of-service and logic bypasses to, in some frameworks/environments, remote code execution.
  • SafetyNetwork accessAI assistants often write a straightforward recursive merge/deep-clone/deep-set helper (a natural, short implementation for combining config objects or request bodies) without excluding __proto__/constructor/prototype keys, because the happy-path test data never includes those key names.
  • SafetyExecution & processesThis is a real, repeatedly-exploited class in widely-used JavaScript libraries, not a theoretical concern — for example CVE-2019-10744 in lodash's defaultsDeep allowed Object.prototype pollution via a crafted {constructor: {prototype: {...}}} input.
  • PrivacyGeneralPrototype pollution proof-of-concept payloads can trigger unexpected application-wide behavior in a shared environment; test in an isolated sandbox, not a shared staging or production system.
  • PrivacyNetwork accessDo not commit a working exploit payload targeting a specific internal endpoint into a public PR or issue; describe the vulnerable merge pattern and the class of key involved instead.

Safety notes

  • Prototype pollution lets an attacker add or overwrite properties on Object.prototype (or another shared built-in prototype), which can silently change behavior across the entire application — from denial-of-service and logic bypasses to, in some frameworks/environments, remote code execution.
  • AI assistants often write a straightforward recursive merge/deep-clone/deep-set helper (a natural, short implementation for combining config objects or request bodies) without excluding __proto__/constructor/prototype keys, because the happy-path test data never includes those key names.
  • This is a real, repeatedly-exploited class in widely-used JavaScript libraries, not a theoretical concern — for example CVE-2019-10744 in lodash's defaultsDeep allowed Object.prototype pollution via a crafted {constructor: {prototype: {...}}} input.

Privacy notes

  • Prototype pollution proof-of-concept payloads can trigger unexpected application-wide behavior in a shared environment; test in an isolated sandbox, not a shared staging or production system.
  • Do not commit a working exploit payload targeting a specific internal endpoint into a public PR or issue; describe the vulnerable merge pattern and the class of key involved instead.

Prerequisites

  • A pull request, diff, or snippet containing AI-generated or AI-edited JavaScript/TypeScript code that recursively merges, clones, or assigns object properties.
  • Knowledge of which objects in the change are built from or merged with untrusted input (request bodies, query strings, parsed config/JSON/YAML).
  • Awareness that this class of bug affects the entire process, not just the object being merged — Object.prototype pollution can enable denial-of-service, property injection into unrelated objects, or in some environments remote code execution.
  • Permission to block merge when a recursive merge/clone/assign helper on untrusted input doesn't explicitly guard __proto__/constructor/prototype keys.

Schema details

Install type
copy
Troubleshooting
Yes
Collection metadata
Estimated setup
10 minutes
Difficulty
intermediate
Full copyable content
You are reviewing AI-generated JavaScript/TypeScript code for prototype
pollution risk.

Rules:
1. Identify every recursive merge, deep-clone, deep-assign, or "set a
   nested path from a string" helper the change adds or edits, and
   whether the source object's keys can be influenced by user input
   (request body, query string, parsed JSON/YAML, a config file a user
   can upload).
2. Flag any such helper that copies keys without excluding `__proto__`,
   `constructor`, and `prototype` — a key named `__proto__` in the
   source object, or a nested `constructor.prototype` path, can let an
   attacker write properties onto `Object.prototype` itself, affecting
   every object in the process.
3. Prefer `Map`/`Set` over a plain object literal for any untrusted
   key-value data — `Map`/`Set` have no prototype chain to pollute for
   the keys/values they store, unlike `{}`.
4. When a plain object is required, create it with `Object.create(null)`
   (no inherited prototype) rather than `{}`, or use `{ __proto__: null }`
   as a last resort when `Object.create` isn't available in context.
5. Do not trust a hand-rolled recursive merge/clone as automatically
   safe just because it looks similar to a well-known library function;
   confirm it explicitly denies `__proto__`/`constructor`/`prototype`
   keys at every recursion level, not just the top level.
6. Treat any dependency that performs deep merging, cloning, or templating
   on external input (config-merging libraries, deep-set-by-path
   utilities) as needing a version check against known prototype
   pollution advisories for that library, not just an assumption that
   "it's a popular package so it's safe."

About this resource

Purpose

Use these rules when an AI coding assistant writes or edits JavaScript or TypeScript code that recursively merges, deep-clones, or assigns properties from an object built from untrusted input. The goal is to stop a generated config-merge, deep-clone, or "set a nested path from a string" helper from letting an attacker pollute Object.prototype (or another built-in prototype) and silently change behavior across the whole application.

This is a review policy, not a prototype-pollution tutorial. It tells reviewers what must be true about a generated change's object-merging code before the change is safe to merge.

Review Inputs

Collect enough context to know which objects are merged/cloned and where their keys come from.

  • Every recursive merge, deep-clone, deep-assign, or dynamic nested-path-set helper the change adds or edits.
  • Whether the source object being merged/cloned/read from can have its keys influenced by user input — a request body, query string, parsed JSON/YAML, an uploaded config file.
  • Whether the change adds or updates a dependency that performs deep merging or cloning on external input, and what version is pinned.
  • Whether plain object literals ({}) or Map/Set are used to hold untrusted key-value data.

Merge/Clone Guard Rules

  • Any recursive merge, deep-clone, or deep-assign helper that processes untrusted input must explicitly reject or skip __proto__, constructor, and prototype as keys at every recursion level, not just the top level of the object.
  • Do not assume a hand-rolled merge helper is safe because it "looks like" a well-known library's merge function; verify the guard is actually present in the diff.
  • When adding or bumping a dependency that performs deep merging, cloning, or path-based assignment on external input (a config-merge library, a deep-set-by-string-path utility), check the version against known prototype-pollution advisories for that specific library rather than assuming popularity implies safety.
  • Prefer a well-maintained, current-version library with a documented fix for this class of bug over a new hand-rolled merge implementation, when one is genuinely needed.

Safer Object Construction Rules

  • Prefer Map/Set over a plain object literal for any collection built from untrusted keys — they have no prototype chain for attacker-supplied keys to pollute, unlike {}.
  • When a plain object is required, construct it with Object.create(null) so it has no inherited prototype, or use { __proto__: null } as a fallback when Object.create isn't available in that context.
  • Consider Object.freeze()/Object.seal() on built-in prototypes as an additional defense-in-depth layer, understanding it can break libraries that legitimately extend built-ins, so apply and test it deliberately rather than blanket-applying it.
  • In Node.js, the --disable-proto=delete flag removes the __proto__ accessor entirely as a defense-in-depth measure; note it does not stop pollution via constructor.prototype, so it complements rather than replaces the merge/clone guards above.

Merge Blockers

Block merge when any of these is true.

  • A recursive merge/clone/deep-assign helper processes untrusted input without excluding __proto__, constructor, and prototype keys at every level.
  • A new or updated deep-merge/clone/path-assignment dependency is added without checking its version against known prototype-pollution advisories.
  • Untrusted key-value data is stored in a plain object literal where a Map/Set or Object.create(null) would avoid the prototype-chain risk entirely, with no documented reason for the plain object.
  • A hand-rolled merge/clone helper duplicates functionality an existing, already-guarded shared helper provides.

Review Checklist

  • {"task": "Merge/clone helpers identified", "description": "Every recursive merge, deep-clone, or deep-assign helper touching untrusted input is identified"}
  • {"task": "Dangerous keys excluded", "description": "proto, constructor, and prototype keys are explicitly rejected at every recursion level"}
  • {"task": "Safer collection type used", "description": "Untrusted key-value data uses Map/Set or Object.create(null) rather than a plain {} literal, where practical"}
  • {"task": "Dependency versions checked", "description": "Any deep-merge/clone/path-assignment dependency is checked against known prototype-pollution advisories for its version"}
  • {"task": "No parallel unguarded helper", "description": "The change doesn't add a new merge/clone helper next to an existing guarded shared one"}

AI Review Rules

AI assistants can write and review object-merging code, but they should show their evidence.

  • Ask the assistant to list every recursive merge/clone/deep-assign helper in the change and whether its input can be influenced by a user.
  • Require the assistant to point to the exact line(s) that guard against __proto__/constructor/prototype keys, not just assert the helper is "safe."
  • Have the assistant check the version of any deep-merge/clone dependency against known CVEs/advisories for that library.
  • Do not let the assistant claim a merge helper is safe because tests only used ordinary key names; require a test with a __proto__ or constructor.prototype payload.
  • Re-run review after any change to shared merge/clone/config-loading helpers or their dependencies.

Troubleshooting

  • A legitimate key named constructor or prototype needs to be stored: use a Map for that data instead of a plain object, so the key name has no special meaning.
  • Object.freeze() on a built-in prototype breaks a library: that library legitimately extends the built-in; scope the freeze more narrowly or drop it, and rely on the merge/clone-level guards instead.
  • Tests only cover normal merge behavior: add a test that attempts to merge in a {"__proto__": {"polluted": true}} or {"constructor": {"prototype": {"polluted": true}}} payload and asserts ({}).polluted remains undefined afterward.
  • A third-party library is flagged for a known prototype-pollution CVE: upgrade to the patched version rather than adding a local workaround, so the fix isn't silently lost on the next unrelated dependency bump.

Duplicate And History Check

Before adding a new merge/clone/deep-assign helper, confirm the codebase does not already have a shared, guarded utility for this. A generated change that adds a new hand-rolled merge function next to an existing guarded shared helper should be treated as suspicious — check whether the existing mechanism was simply not reused before introducing a second, possibly unguarded one.

Reference

Pattern Risk Fix
Recursive merge(target, source) with no key filter {"__proto__": {...}} pollutes Object.prototype Explicitly skip __proto__/constructor/prototype at every level
defaultsDeep-style deep-defaults on user input {"constructor": {"prototype": {...}}} pollution (CVE-2019-10744 pattern) Guarded merge helper or a patched, current library version
Untrusted data stored as {} Inherits from Object.prototype Map/Set, or Object.create(null)
Old deep-merge dependency, never version-checked May carry a known, patched prototype-pollution CVE Pin/upgrade to a version with the fix, verify via its advisory

Sources

  • OWASP Prototype Pollution Prevention Cheat Sheet
  • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
  • PortSwigger Web Security Academy: Prototype pollution
  • GitHub Security Advisory GHSA-jf85-cpcp-j695: Prototype Pollution in lodash (CVE-2019-10744)

Source citations

Add this badge to your README

Show that AI-Generated Prototype Pollution Review Rules is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

Listed on HeyClaude
[![Listed on HeyClaude](https://heyclau.de/badge/rules/ai-generated-prototype-pollution-review-rules.svg)](https://heyclau.de/entry/rules/ai-generated-prototype-pollution-review-rules)

How it compares

AI-Generated Prototype Pollution Review Rules side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

1 trust signal differ across this comparison (Submitter).

Field

Source-backed rules for reviewing AI-generated JavaScript/TypeScript code before merge for prototype pollution risk, covering unsafe recursive merge/clone/assign helpers on untrusted input, proto and constructor-prototype key handling, and safer alternatives like Map, Set, and Object.create(null).

Open dossier

Source-backed rules for reviewing AI-generated request handlers and forms before merge for cross-site request forgery risk, covering state-changing method discipline, anti-CSRF token correctness, SameSite cookie posture, origin and referer checks, and safe handling of cookie-based sessions.

Open dossier

Source-backed rules for reviewing AI-generated endpoints and data-access code before merge for insecure direct object reference risk, covering per-request object-level authorization checks, scoped database lookups, identifier exposure, and consistent enforcement across read, write, and admin operations.

Open dossier

Source-backed rules for reviewing AI-generated code that deserializes data before merge for insecure deserialization risk, covering native serialization formats (pickle, PyYAML, Java Serializable) that can execute arbitrary code on untrusted input, safe data-interchange alternatives, and class allowlisting/integrity checks when native formats can't be avoided.

Open dossier
Next steps
Trust
Review statusReviewedMaintainer reviewedReviewedMaintainer reviewedReviewedMaintainer reviewedReviewedMaintainer reviewed
Package trustPackage not verifiedPackage not verifiedPackage not verifiedPackage not verified
Source provenanceSource-backedSource-backedSource-backedSource-backed
SubmitterDifferslourincedaging0-commitsjaso0n0818lourincedaging0-commitslourincedaging0-commits
Install riskReview firstReview firstReview firstReview first
Notes Safety Privacy Safety Privacy Safety Privacy Safety Privacy
Brand
Categoryrulesrulesrulesrules
Sourcesource-backedsource-backedsource-backedsource-backed
Authorlourincedaging0-commitsjaso0n0818lourincedaging0-commitslourincedaging0-commits
Added2026-07-152026-06-222026-07-152026-07-15
Platforms
Claude Code
Claude Code
Claude Code
Claude Code
Source repo
Safety notesPrototype pollution lets an attacker add or overwrite properties on Object.prototype (or another shared built-in prototype), which can silently change behavior across the entire application — from denial-of-service and logic bypasses to, in some frameworks/environments, remote code execution. AI assistants often write a straightforward recursive merge/deep-clone/deep-set helper (a natural, short implementation for combining config objects or request bodies) without excluding __proto__/constructor/prototype keys, because the happy-path test data never includes those key names. This is a real, repeatedly-exploited class in widely-used JavaScript libraries, not a theoretical concern — for example CVE-2019-10744 in lodash's defaultsDeep allowed Object.prototype pollution via a crafted {constructor: {prototype: {...}}} input.A missing CSRF defense lets a malicious page perform state-changing actions as a logged-in user — transferring funds, changing email or password, or deleting data — using the victim's ambient cookies. AI assistants often generate handlers that work in tests yet omit token validation or perform state changes on GET, because the happy path succeeds without any forged cross-site request. Relying on SameSite cookies alone is not sufficient: defaults vary, Lax still allows top-level GET navigations, and some clients or legacy browsers do not enforce it.A missing object-level authorization check lets any authenticated (or sometimes unauthenticated) user read, modify, or delete another user's data by changing an identifier in the request — accounts, documents, orders, invoices, and support tickets are common targets. AI assistants often generate a correct-looking handler for the current user's own data and skip the cross-user check entirely, because the happy-path test only ever exercises the requester's own objects. Switching to random/UUID identifiers reduces guessability but is not an authorization control; do not accept it as a substitute for a server-side ownership or permission check.Deserializing untrusted data with a native format's full-featured API (pickle, unsafe YAML, Java Serializable, PHP unserialize) can cause denial-of-service or remote code execution — the vulnerability triggers during deserializing itself, before any application logic runs on the result. AI assistants often reach for the most convenient deserialization call (pickle for Python object graphs, yaml.load for config-like YAML, ObjectInputStream for Java) without checking whether the input is trusted, since developer-controlled test data works regardless of which API is used. An integrity check (signature/MAC) added after deserialization already ran does not help — the attack happens during deserialization, so the check must gate the deserialization call itself, not just the object it produces.
Privacy notesPrototype pollution proof-of-concept payloads can trigger unexpected application-wide behavior in a shared environment; test in an isolated sandbox, not a shared staging or production system. Do not commit a working exploit payload targeting a specific internal endpoint into a public PR or issue; describe the vulnerable merge pattern and the class of key involved instead.CSRF tokens are security credentials; do not paste real tokens, session cookies, or production request captures into public PR comments or issues. Use synthetic accounts and redacted requests when demonstrating a CSRF proof of concept, and avoid attaching real user identifiers. Be careful that anti-CSRF tokens are not written into URLs, analytics, or logs, where they can leak through referer headers or shared dashboards.IDOR proof-of-concept testing can expose another account's real data; use synthetic test accounts and synthetic objects rather than real user records when demonstrating the issue. Do not paste real user identifiers, documents, or other objects retrieved during testing into a public PR or issue; redact or replace them with placeholders. Server-side logs and error messages for a denied access attempt should avoid echoing back the unauthorized object's contents, only that access was denied.Deserialization proof-of-concept payloads (e.g. a crafted pickle or Java serialized stream) can trigger real code execution in a test environment; run them only in an isolated, disposable sandbox, never against a shared or production system. Do not commit real crafted exploit payloads, credentials, or internal class/package names discovered while testing into a public PR or issue; describe the vulnerable pattern instead of attaching a working exploit.
Prerequisites
  • A pull request, diff, or snippet containing AI-generated or AI-edited JavaScript/TypeScript code that recursively merges, clones, or assigns object properties.
  • Knowledge of which objects in the change are built from or merged with untrusted input (request bodies, query strings, parsed config/JSON/YAML).
  • Awareness that this class of bug affects the entire process, not just the object being merged — Object.prototype pollution can enable denial-of-service, property injection into unrelated objects, or in some environments remote code execution.
  • Permission to block merge when a recursive merge/clone/assign helper on untrusted input doesn't explicitly guard __proto__/constructor/prototype keys.
  • A pull request, diff, or snippet containing an AI-generated or AI-edited request handler, form, or fetch call with enough context to know how the user is authenticated.
  • Knowledge of how the framework manages sessions and CSRF tokens, since built-in protection, cookie defaults, and token helpers differ between frameworks.
  • Awareness of which routes change state and which are read-only, so the review can focus on unsafe methods.
  • Permission to block merge when a cookie-authenticated state change ships without a CSRF defense.
  • A pull request, diff, or snippet containing an AI-generated or AI-edited endpoint, resolver, or data-access function that accepts an object identifier from the request.
  • Knowledge of the application's ownership/permission model, since what counts as "authorized" differs between single-owner resources, shared resources, and admin-only resources.
  • Access to at least two distinct user accounts (or awareness of how to create them) to verify cross-account access is actually denied, not just assumed.
  • Permission to block merge when an object-level authorization check is missing, inconsistent, or client-trusted.
  • A pull request, diff, or snippet containing AI-generated or AI-edited code that deserializes, unpickles, unmarshals, or loads structured data from an external source.
  • Knowledge of which deserialization APIs the language/framework in use considers "safe" versus "native/unsafe" (this differs significantly between Python, Java, PHP, Ruby, and JS/Node).
  • Awareness of which data sources in the application are genuinely untrusted (client-supplied, cross-service, or user-uploaded) versus fully internal and controlled.
  • Permission to block merge when untrusted data reaches a native deserialization API without an allowlist or integrity check.
Install
Config
Citations
ClaimUnclaimedUnclaimedUnclaimedUnclaimed
Open 4 picks in the interactive comparison tool

Related guides

Signals

Loading live community signals…

More like this, weekly

A short, calm digest of reviewed Claude resources. Unsubscribe any time.